65f1e2dbe0b3951ebf9baa06700c4845_JaffaCakes118

General

Target

65f1e2dbe0b3951ebf9baa06700c4845_JaffaCakes118
Size

11.7MB
MD5

65f1e2dbe0b3951ebf9baa06700c4845
SHA1

f410739ec2036e10c84bafbc946e814f90d6dd85
SHA256

d45312b200ed5b110e9f14fa32d1b82b6f589dfb33b00cf6cc66702087338841
SHA512

d1a3c3e0df9d869aa433750563ef4c5508e32895d0dc50292d5048d5d63c3e1a84c0131556ffc474cb2e89d07278089517460a80a7f08d8bd63fb6e53ed9dcf2
SSDEEP

196608:vfGrem3A50jVMddJiplniSenreD3mj7tWyOkZyF878ivP5NLL94zX4XIJzl8jnf4:WrD3A50j0EunreD3mj7tWBgyFg7P5NL+

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS

Files

65f1e2dbe0b3951ebf9baa06700c4845_JaffaCakes118
.apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

com.shanpow.mobok

com.shanpow.mobok.SplashActivity_

Activities

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.shanpow.mobok.SplashActivity_

android.intent.action.MAIN
android.intent.action.VIEW

com.shanpow.mobok.SearchActivity_

android.intent.action.SEARCH

Permissions

android.permission.GET_TASKS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MANAGE_ACCOUNTS
android.permission.GET_ACCOUNTS
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.WRITE_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REORDER_TASKS

Receivers

com.umeng.message.RegistrationReceiver

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.BOOT_COMPLETED

com.umeng.message.UmengBroadcastReceiver

org.agoo.android.intent.action.RECEIVE
com.shanpow.mobok.intent.action.COMMAND
org.agoo.android.intent.action.RE_ELECTION_V2

com.umeng.message.BootBroadcastReceiver

android.intent.action.BOOT_COMPLETED

Services

com.umeng.message.UmengService

com.shanpow.mobok.intent.action.START
com.shanpow.mobok.intent.action.COCKROACH
org.agoo.android.intent.action.PING

org.android.agoo.service.ElectionService

org.agoo.android.intent.action.ELECTION_V2

Android Permissions

65f1e2dbe0b3951ebf9baa06700c4845_JaffaCakes118

Permissions

android.permission.GET_TASKS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MANAGE_ACCOUNTS

android.permission.GET_ACCOUNTS

android.permission.WAKE_LOCK

android.permission.VIBRATE

android.permission.WRITE_SETTINGS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.REORDER_TASKS

Sharing

General

Malware Config

Signatures

Files

com.shanpow.mobok

com.shanpow.mobok.SplashActivity_

Activities

com.tencent.tauth.AuthActivity

com.shanpow.mobok.SplashActivity_

com.shanpow.mobok.SearchActivity_

Permissions

Receivers

com.umeng.message.RegistrationReceiver

com.umeng.message.UmengBroadcastReceiver

com.umeng.message.BootBroadcastReceiver

Services

com.umeng.message.UmengService

org.android.agoo.service.ElectionService

Android Permissions

65f1e2dbe0b3951ebf9baa06700c4845_JaffaCakes118